Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cookie cannot be deleted by API

  • 6 replies
  • 1 has this problem
  • 10 views
  • Last reply by cor-el

more options

I have a cookie that is set by https://www.kinguin.net/ that cannot be deleted via the API. I discovered it while using the Cookie AutoDelete add-on. It would continually try to delete the cookie but was never successful.

I posted a bug report for the add-on and it was discovered to be a problem with the way the cookie was being set (not capitalizing the first letter in the "Expires" directive).

You can see the report here: https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/538

I know that the problem is that the website is setting the cookie improperly, but should it be possible for a website to create a cookie that cannot b deleted by the Firefox API?

I have a cookie that is set by https://www.kinguin.net/ that cannot be deleted via the API. I discovered it while using the Cookie AutoDelete add-on. It would continually try to delete the cookie but was never successful. I posted a bug report for the add-on and it was discovered to be a problem with the way the cookie was being set (not capitalizing the first letter in the "Expires" directive). You can see the report here: https://github.com/Cookie-AutoDelete/Cookie-AutoDelete/issues/538 I know that the problem is that the website is setting the cookie improperly, but should it be possible for a website to create a cookie that cannot b deleted by the Firefox API?

All Replies (6)

more options

If your using their site then you agreed to their TOS and cookie and tracking usage. You should contact their site support about the issue your having.

Modified by WestEnd

more options

My problem is not with the site setting the cookie improperly, it is with the browser allowing the cookie to be set improperly or not enforcing proper syntax (shouldn't it just ignore any directive that has improper syntax?)

more options

This looks more like a case where a semicolon has been omitted between path=/ and expires=.

remove: function (e) {
 if (!l.canUseDOM) return null;
  document.cookie = ''.concat(e, '=; path=/ expires=Thu, 01 Jan 1970 00:00:01 GMT;')
}

Should be:

remove: function (e) {
 if (!l.canUseDOM) return null;
  document.cookie = ''.concat(e, '=; path=/; expires=Thu, 01 Jan 1970 00:00:01 GMT;')
}

Document.cookies is a list of key=value pairs separated by semicolons.

You can contact the website about this error.

Modified by cor-el

more options

Note that you can use the Storage Inspector to remove these cookies.

more options

Thanks for all the responses!

I am able to delete the cookie using Firefox's Options - Privacy & Security - Manage Data, that is not my problem.

It appears that you cannot delete the cookie via the Firefox API.

Is this not a problem?

So far, the answers here have either been how to fix the website so that it sets the cookie properly, or how to delete the cookie in another manner.

Neither of these was what my concern is.

My concern is being able to delete this cookie using the Firefox API. Is it possible? If not, is it a bug in Firefox? Should a website be able to set a cookie that cannot be deleted via the Firefox API? Should a bug report be made to fix this in Firefox?

Thanks.

more options

You mean that an extension isn't able to remove this specific cookie? If that is confirmed by its developer then he should file a bug report to get this fixed. I don't know the specifics of how this cookie API works.